Categories /

Security - Forensic Tools (4)

JumpListsView v1.11 Updated

billon on 29 Sep 2017
  • 108KB (uncompressed)
  • Released on 28 Sep 2017
  • Suggested by Checker

JumpListsView displays the information stored by the 'Jump Lists' feature available when you right-click on something in the task bar in Windows 7 - 10. For every record found, data available includes the filename that the user opened, the date/time, the ID of the application, the size/time/attributes of the file on the time that the file was opened etc.

You can also export the Jump Lists records to csv/tab-delimited/xml/html file.

Category:
System Requirements: Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch JumpListsView.exe.
What's new?
  • Fixed bug: JumpListsView crashed when it failed to open a jump list file.

DataProtectionDecryptor v1.05

billon on 8 Jul 2017
  • 146KB (uncompressed)
  • Released on 8 Jul 2017
  • Suggested by billon

DataProtectionDecryptor allows you to decrypt passwords and other information encrypted by the DPAPI (Data Protection API) system of Windows operating system, such as passwords of Microsoft Outlook accounts, credentials files of Windows, wireless network keys, passwords in some versions of Internet Explorer, passwords and cookies of Chrome Web browser.

Category:
System Requirements: WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch DataProtectionDecryptor.exe.
Similar/alternative apps: EncryptedRegView
What's new?
  • Added 'Display Encrypted Data In Lower Pane' option.

Windows File Analyzer v2.6.4

billon on 14 May 2016
  • 3MB (uncompressed)
  • Released on 14 May 2016
  • Suggested by I am Baas

Windows File Analyzer decodes and analyzes to provide cached information for forensic analysis. Includes a tabbed interface with a multiple-document window and horizontal/vertical/cascade view settings. Analysis results can be printed in user-friendly form. The program includes a variety of analysis tools useful for seeing how much information your computer leaves behind that could represent a privacy risk or for trying to detect nefarious activity.

Features include thumbnail viewers available for Windows XP, ACDSee, Google Picasa, FastStone Viewer, and HP Digital Imaging files, displaying content with stored data and image preview. A Prefetch Analyzer looks at recent programs run and stored in the Prefetch folder while the Shortcut Analyzer for all shortcut files in specified folder and data stored in them. An Index.DAT Analyzer looks at Internet Explorer cookies, temporary files or history while a Recycle Bin decoding tool displays Info2 files that hold recycle bin content (Win2k and XP only).

A PDF-format help file is available from the author website.

Category:
System Requirements: Win2K / WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: None
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch WFA.EXE.
What's new?
  • Visual fixes.
Latest comments
__philippe on 2013-07-08 20:53

Categories classification:

Currently, WindowsFileAnalyser can be looked up under 2 categories
- Files -> Miscellaneous (25)
- Security -> Privacy Tools (42)

Would it be appropriate to expand the list with the newly created "Security -> "Forensic Tools" subcategory ?

__philippe

Add comment

BinText v3.00

Midas on 24 Apr 2014

BinText is a file text scanner / extractor that helps find character strings buried in binary files. The program can extract text from any kind of file and display plain ASCII text, Unicode (double byte ANSI) text, as well as Resource strings. Additional useful information for each item is included in the "Advanced" mode. Uniquely, the program will show both the file offset and the memory offset of each string found.

Although primarily targeted for programmers, it can be used by anyone interested in ferreting out character strings buried within binary files.

Note: Although updated versions of the program exist, the 3.00 version is listed for reasons described in forums.

Category:
System Requirements: WinXP / Vista / Win7
Writes settings to: None
Stealth: ? Yes
Unicode support: Yes
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch bintext.exe.
Similar/alternative apps: Strings (Command Line)
Latest comments
__philippe on 2013-07-15 08:17

Here is an old (2006) but interesting narrative about using Bintext for viewing Unicode strings in executables.

http://blog.didierstevens.com/2006/07/07/viewing-strings-in-executables/

__philippe

__philippe on 2013-07-26 18:24

BinText at your finger_tip: (WinXP tested)

Place a shortcut to Bintext in your Windows SendTo folder so that you can quickly send files to BinText by right-clicking on their names and choosing Send To -> BinText from the drop-down menu.

You can set this up by right-clicking on bintext.exe, selecting Copy then open up your WindowsSendTo folder, right click the mouse and select Paste Shortcut

As an added bonus, files get automatically loaded in BinText "Advanced view" mode, no need even for clicking the GO button...;-)

__philippe

Add comment